| Age | Commit message (Collapse) | Author |
|---|
|
listed in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface.
We might wish to merge the improved code from OpenSSL 1.1.0,
but that's major bump, so i'm documenting the BUGS for now.
|
|
in ssl(3) and <openssl/ssl.h>, so it is clearly public.
|
|
Mentioned in ssl(3) and <openssl/ssl.h>, so it is public.
|
|
SSL_add_dir_cert_subjects_to_stack(3), written from scratch.
Both functions are listed in ssl(3) and <openssl/ssl.h> and recommended
for the use by browsers in source code comments, so they are clearly
public interfaces.
Mention deduplication.
Purge some duplicate text and improve some wording while here.
Two additional cross references instead of the useless ssl(3).
Add HISTORY, AUTHORS, and BUGS.
It is depressing that BUGS (purely from code inspection) became
longer than the DESCRIPTION.
|
|
ok doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
a public interface since it's listed both in ssl(3) and in
<openssl/ssl.h>. Nothing to pilfer from OpenSSL in this case...
|
|
because that's what <openssl/ssl.h> #defines.
That's likely a typo in the header file because all the other
functions are called *tmp_rsa*(). But it would be a bad idea to
fix such a bug in interfaces that are only provided for backward
compatibility in the first place, so i'm adjusting the manual to
be bug-compatible with the code, for now.
But, pretty please, for the next major bump, somebody go get Bob's
flensing knife and excise this part of the interface. Like, export
ciphers? Really?
|
|
|
|
Garbage collect empty RETURN VALUES section.
Delete useless cross reference to ssl(3).
Add cross reference to SSL_SESSION_new(3).
|
|
The function prototype is listed in ssl(3) and <openssl/ssl.h>, so
it's clearly a public interface, but OpenSSL has no documentation
about it whatsoever.
|
|
ok doug@
|
|
handshake functions, we can remove more copied code from DTLS.
|
|
up and restructure.
This also adds CBB based variants of the ssl3_handshake_msg_{start,finish}
functions - for the time being these use a CBB to build the messages, then
copy back into the init_buf.
ok doug@
|
|
|
|
Add one cross reference, from OpenSSL.
|
|
the number of bytes written via an explicit *outlen argument and retaining
the return value to indicate success or failure.
ok doug@
|
|
premaster secret, so name it accordingly. Also, remove bogus assignment
of master_key_length - the correct value is assigned when the master_key
is set.
ok beck@ doug@
|
|
ok beck@ doug@
|
|
Stop talking about SSLv2 and SSLv3.
Some minor tweaks.
|
|
Wording improvements and a bit of additional information from OpenSSL.
|
|
Stop talking about SSLv2 and SSLv3.
|
|
|
|
Merge documentation of SSL_peek(3) from OpenSSL.
Stop taking about SSLv2.
Many wording improvements, most from OpenSSL.
|
|
In the SYNOPSIS, show prototypes, not #defines.
Delete a note about ancient OpenSSL versions.
|
|
ngroup and the following EC_KEY_set_group() fails, ngroup will not be
freed. Avoid this by freeing on return.
ok millert@
|
|
slightly rewriting some code and changing the type of an array.
ok bcook@ doug@
|
|
Delete SSLv2 and SSLv3 remnants.
|
|
Minor corrections while here.
|
|
Some additional explanations from OpenSSL.
|
|
Delete empty RETURN VALUES section.
|
|
Fix the prototype of SSL_get_current_cipher(3).
In the SYNOPSIS, show prototypes rather than #defines.
Some minor improvements from OpenSSL.
|
|
Delete the RETURN VALUES section.
The content is completely unrelated to the topic of the page -
that must have been a pasto in the original commit in OpenSSL.
|
|
Some additional explanations from OpenSSL.
Delete empty RETURN VALUES section.
|
|
|
|
|
|
Talk about TLS_method() rather than SSLv23_method().
Rename WARNINGS section to CAVEATS.
|
|
|
|
Delete empty RETURN VALUES section.
|
|
Merge various updates from OpenSSL, in particular stop talking about
what happens without SSL_OP_SINGLE_DH_USE, which is now always on.
|
|
|
|
|
|
relevant for us, calling the page SSL_set_max_send_fragment(3)
|
|
|
|
|
|
|
|
Delete explanation of SSL_OP_SINGLE_DH_USE, it is always on now.
Delete explanation of obsolete option SSL_OP_EPHEMERAL_RSA.
Delete various SSLv2 and SSLv3 remnants.
Delete excessive verbiage detailing each obsolete option individually;
instead, provide one concise list of obsolete options.
Delete HISTORY of individual options; it was incomplete anyway
and is not important enough to warrant so much bloat.
Garbage collect two useless cross references.
|
|
Delete a sentence explaining exploit mitigation countermeasures
that have long been removed.
|
|
|
